US breaches Internet trust

Updated: 2014-06-07 07:20

By Li Zheng(China Daily)

Washington has committed a series of mistakes and jeopardized cybersecurity by leveling charges against five PLA officers

By charging five People's Liberation Army officers with cyber crime, the US Department of Justice has cast a shadow on Sino-US cyber cooperation. The negative impact of the US move will have a long-term impact on Sino-US ties, because it has set a dangerous precedent in the international cybersecurity arena.

Besides, it is difficult for the US to achieve the result it so desperately desires because it has committed a series of mistakes. The first US mistake is the timing of the move, which inadvertently has revealed its true intentions. The US has been widely criticized for its clandestine mass electronic surveillance project, called PRISM, ever since it was exposed by former National Security Agency operative Edward Snowden in June 2013. But that has not stopped the US government from spying on other countries and their enterprises, for just three months ago the American media reported that the NSA had hacked the servers of China's Huawei. Since the US Department of Justice leveled the charge against the PLA officers shortly after that, it seems the US administration is trying to divert attention from the fallout of the PRISM project.

What perhaps is more surprising is that the US move against the PLA officers came at a time when Beijing and Washington had been cooperating on cybersecurity for one year. In July 2013, the China-US Joint Working Group on cybersecurity held its first meeting in Washington, and thanks to the feedback from both sides, the new mechanism boosted Sino-US cyber cooperation, easing the tension created by the Mandiant report and the PRISM revelations.

The US charge against the PLA officers, however, ended this trend, prompting Beijing to rightly doubt the sincerity of Washington in establishing the Joint Working Group. It also made Beijing wonder whether Washington was using the charge against the PLA officers as a bargaining chip to get excessive concessions in the bilateral dialogue. If true, it would be a non-constructive move instead of being a clever ploy by the US.

The US' second mistake is that it has trained its gun at the wrong target. The indictment of serving PLA officers has made the issue more complicated. Unit 61398 charged by the US Justice Department is the same that the American security firm Mandiant had mentioned one year ago in its report. Since many cybersecurity experts from China and the US doubt the Mandiant report because of its analytical flaws, one wonders whether the charge against the PLA officers is another case of groundless US accusation.

Furthermore, serving military officers have little chance of defending themselves in a civil court, for they have to protect national secrets. In that case, shouldn't we consider the US charge unjust and null and void ab initio?

The US has made a third mistake by choosing the worst way to exert pressure on China. The US hoped to pressure China over cyber issues through its domestic laws, without realizing that China would treat its move as a provocative measure. The US issued arrest warrants against all the five suspects, deepening the Chinese government's belief that the Americans were trying to damage China's image. Accordingly, Beijing responded strongly to the charge. After what the US has done, it is difficult for it to rectify the situation, especially because the US judiciary is not expected to change or cancel the lawsuit.

Given the seriousness of the situation, China has decided to freeze the Joint Working Group on cybersecurity, which was supposed to be held during the Sino-US Strategic and Economic Dialogue in July. As a result, the US charge and related cyber issues are likely to become too hot an issue at the S&ED for the two sides to achieve any breakthrough on.

More importantly, the US move will have a negative impact on global Internet security. International trust is at the core of Internet security, but the lack of trust between the two biggest cyber powers seems to have jeopardized that. Trust is needed to persuade countries to agree to a unified Internet system rather than developing independent systems to protect their national interests. Trust is also critical to combating transnational Internet crimes.

China and the US both should realize that non-state players, such as terrorists and cyber crime groups, are responsible for the majority of cyber attacks and pose the greatest threat to the future of the Internet. Some of these groups use advanced technical know-how to hide or disguise their sources. As Lillian Ablon and two other scholars from RAND Corporation have said in their research work on cyber crime, the global market for cyber crime tools and stolen data is rising. Thus the US charge against PLA officers is bound to affect China-US cooperation over cybersecurity, which cyber criminals could use to their advantage. And the US would be responsible for this unfortunate development.

The author is an assistant researcher at the Institute of American Studies of China Institutes of Contemporary International Relations. www.chinausfocus.com